Php emergency code to prevent website attacks _ php instance

This article provides php emergency code to prevent website attacks. This is definitely not the best solution. I just want to provide it to you for further discussion. Not long ago, a website was attacked and the database was flushed away. Fortunately, there was a database backup on the customer's machine. When encountering such a serious problem, you must promptly identify the vulnerability to prevent further attacks. After various checks, we found that apart from the server needs to be correctly configured, we had to solve this attack problem from the IP address.

If you find that an ip address accesses a website too frequently, you can add it to the blacklist to prohibit access. This is not a good solution, but it is only a matter of expediency, I will conduct further research later.

This method is summarized as follows:Prevent website attacks by disabling frequent IP Access.

<? Php header ('content-type: text/html; charset = UTF-8 '); $ ip = $ _ SERVER ['remote _ ADDR']; // obtain the ip address of the Current Visitor $ logFilePath = '. /log/'; // log file storage directory $ fileht = '. htaccess2; // The forbidden ip record file $ allowtime = 60; // anti-Refresh time $ allownum = 5; // anti-Refresh times $ allowRefresh = 120; // Add if (! File_exists ($ fileht) {file_put_contents ($ fileht, '') ;}$ filehtarr =@ file ($ fileht); if (in_array ($ ip. "\ r \ n", $ filehtarr) {exit ('warning: your IP address has been disabled! ');} // Add the prohibited ip address $ time = time (); $ fileforbid = $ logFilePath. 'forbidchk. dat '; if (file_exists ($ fileforbid) {if ($ time-filemtime ($ fileforbid)> 30) {@ unlink ($ fileforbid );} else {$ fileforbidarr = @ file ($ fileforbid); if ($ ip = substr ($ fileforbidarr [0], 0, strlen ($ ip ))) {if ($ time-substr ($ fileforbidarr [1], 0, strlen ($ time)> 120) {@ unlink ($ fileforbid );} else if ($ fileforbidarr [2]> $ allowRefresh) {file_put_contents ($ fileht, $ Ip. "\ r \ n", FILE_APPEND); @ unlink ($ fileforbid);} else {$ fileforbidarr [2] ++; file_put_contents ($ fileforbid, $ fileforbidarr) ;}}/// anti-Refresh $ str = ''; $ file = $ logFilePath. 'ipdate. dat '; if (! File_exists ($ logFilePath )&&! Is_dir ($ logFilePath) {mkdir ($ logFilePath, 0777);} if (! File_exists ($ file) {file_put_contents ($ file, '');} $ uri = $ _ SERVER ['request _ URI ']; // obtain the current webpage file address $ checkip = md5 ($ ip); $ checkuri = md5 ($ uri); $ yesno = true; $ ipdate = @ file ($ file); foreach ($ ipdate as $ k => $ v) {$ iptem = substr ($ v, 0, 32 ); $ uritem = substr ($ v, 32, 32); $ timetem = substr ($ v, 64, 10); $ numtem = substr ($ v, 74 ); if ($ time-$ timetem <$ allowtime) {if ($ iptem! = $ Checkip) {$ str. = $ v;} else {$ yesno = false; if ($ uritem! = $ Checkuri) {$ str. = $ iptem. $ checkuri. $ time. "\ r \ n";} else if ($ numtem <$ allownum) {$ str. = $ iptem. $ uritem. $ timetem. ($ numtem + 1 ). "\ r \ n";} else {if (! File_exists ($ fileforbid) {$ addforbidarr = array ($ ip. "\ r \ n", time (). "\ r \ n", 1); file_put_contents ($ fileforbid, $ addforbidarr);} file_put_contents ($ logFilePath. 'forbided _ ip. log', $ ip. '--'. date ('Y-m-d H: I: s', time ()). '--'. $ uri. "\ r \ n", FILE_APPEND); $ timepass = $ timetem + $ allowtime-$ time; exit ('Warning: Do not refresh too frequently! ') ;}}} If ($ yesno) {$ str. = $ checkip. $ checkuri. $ time. "\ r \ n";} file_put_contents ($ file, $ str );

The above is all the content of this article, hoping to help you learn.